CVE-2024-36358

A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Published: Jun 10, 2024
Updated: Nov 16, 2025
CVE: CVE-2024-36358
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-1106

Affected Software
References

Software	From	Fixed in
trendmicro / deep_security_agent	20.0-update1194	20.0-update1194.x
trendmicro / deep_security_agent	20.0-update1304	20.0-update1304.x
trendmicro / deep_security_agent	20.0-update1337	20.0-update1337.x
trendmicro / deep_security_agent	20.0-update1559	20.0-update1559.x
trendmicro / deep_security_agent	20.0-update1681	20.0-update1681.x
trendmicro / deep_security_agent	20.0-update1822	20.0-update1822.x
trendmicro / deep_security_agent	20.0-update1876	20.0-update1876.x
trendmicro / deep_security_agent	20.0-update2009	20.0-update2009.x
trendmicro / deep_security_agent	20.0-update2204	20.0-update2204.x
trendmicro / deep_security_agent	20.0-update2395	20.0-update2395.x
trendmicro / deep_security_agent	20.0-update2593	20.0-update2593.x
trendmicro / deep_security_agent	20.0-update2971	20.0-update2971.x
trendmicro / deep_security_agent	20.0-update3165	20.0-update3165.x
trendmicro / deep_security_agent	20.0-update3288	20.0-update3288.x
trendmicro / deep_security_agent	20.0-update3445	20.0-update3445.x
trendmicro / deep_security_agent	20.0-update3770	20.0-update3770.x
trendmicro / deep_security_agent	20.0-update4185	20.0-update4185.x
trendmicro / deep_security_agent	20.0-update4416	20.0-update4416.x
trendmicro / deep_security_agent	20.0-update4726	20.0-update4726.x
trendmicro / deep_security_agent	20.0-update4959	20.0-update4959.x
trendmicro / deep_security_agent	20.0-update5137	20.0-update5137.x
trendmicro / deep_security_agent	20.0-update5394	20.0-update5394.x
trendmicro / deep_security_agent	20.0-update5512	20.0-update5512.x
trendmicro / deep_security_agent	20.0-update5761	20.0-update5761.x
trendmicro / deep_security_agent	20.0-update5953	20.0-update5953.x
trendmicro / deep_security_agent	20.0-update6313	20.0-update6313.x
trendmicro / deep_security_agent	20.0-update6658	20.0-update6658.x
trendmicro / deep_security_agent	20.0-update6912	20.0-update6912.x
trendmicro / deep_security_agent	20.0-update7119	20.0-update7119.x
trendmicro / deep_security_agent	20.0-update7303	20.0-update7303.x
trendmicro / deep_security_agent	20.0-update7476	20.0-update7476.x
trendmicro / deep_security_agent	20.0-update7719	20.0-update7719.x
trendmicro / deep_security_agent	20.0-update7943	20.0-update7943.x
trendmicro / deep_security_agent	20.0-update8137	20.0-update8137.x
trendmicro / deep_security_agent	20.0-update8268	20.0-update8268.x
trendmicro / deep_security_agent	20.0-update8438	20.0-update8438.x
trendmicro / deep_security_agent	20.0-update8453	20.0-update8453.x
trendmicro / deep_security_agent	20.0-update877	20.0-update877.x
trendmicro / deep_security_agent	20.0.1-update690	20.0.1-update690.x
trendmicro / deep_security_agent	20.0-update2419	20.0-update2419.x
trendmicro / deep_security_agent	20.0-update2740	20.0-update2740.x
trendmicro / deep_security_agent	20.0-update2921	20.0-update2921.x
trendmicro / deep_security_agent	20.0-update3530	20.0-update3530.x
trendmicro / deep_security_agent	20.0-update3771	20.0-update3771.x
trendmicro / deep_security_agent	20.0-update3964	20.0-update3964.x
trendmicro / deep_security_agent	20.0-update5810	20.0-update5810.x
trendmicro / deep_security_agent	20.0-update5995	20.0-update5995.x
trendmicro / deep_security_agent	20.0-update6690	20.0-update6690.x
trendmicro / deep_security_agent	20.0-update6860	20.0-update6860.x
trendmicro / deep_security_agent	20.0.1-update700	20.0.1-update700.x

Vulnerability Database

309,364

CVE-2024-36358

Deep Security Visibility Without the Complexity